Re: Diffie hellman - Open SSL Client and C# Server

2014-01-16 Thread cvishnuid
May I know the packet structure openssl uses for exchanging public parameters?



--
View this message in context: 
http://openssl.6102.n7.nabble.com/Diffie-hellman-Open-SSL-Client-and-C-Server-tp47524p48157.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org


Re: Diffie hellman - Open SSL Client and C# Server

2014-01-16 Thread ET


On 15 Jan 2014, at 2:39 PM, cvishnuid  wrote:
> May I know the packet structure openssl uses for exchanging public parameters?

If you mean the actual packets exchanged then the SSL/TLS RFCs and/or any good 
book on the subject will show the format of the ServerKeyExchange and 
ClientKeyExchange messages.  Is that what you are asking?

  Erik



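Erik points to the RFCs for the layout of those two messages. As an added example that is not part of the thread (and not OpenSSL code), here is a small Python encoder/parser for the Diffie-Hellman fields of ServerKeyExchange and ClientKeyExchange as RFC 5246 defines them, run over a constructed toy group and constructed private exponents so that both sides can be seen to derive the same pre-master secret.

```python
# Added example, not from the thread: build and parse the Diffie-Hellman fields of
# the TLS ServerKeyExchange / ClientKeyExchange messages (RFC 5246 7.4.3, 7.4.7.2).
# dh_p, dh_g, dh_Ys, dh_Yc are each opaque <1..2^16-1>: 2-byte length + big-endian int.
SERVER_KEY_EXCHANGE, CLIENT_KEY_EXCHANGE = 12, 16   # HandshakeType values
def _opaque16(value):
    raw = value.to_bytes(max(1, (value.bit_length() + 7) // 8), "big")
    return len(raw).to_bytes(2, "big") + raw

def _read_opaque16(buf, off):
    n = int.from_bytes(buf[off:off + 2], "big") if off + 2 <= len(buf) else 0
    if n == 0 or off + 2 + n > len(buf):
        raise ValueError("truncated or empty DH field")
    return int.from_bytes(buf[off + 2:off + 2 + n], "big"), off + 2 + n

def _handshake(msg_type, body):
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body   # type + uint24 length

def _body(msg, expected_type):
    if len(msg) < 4 or int.from_bytes(msg[1:4], "big") != len(msg) - 4:
        raise ValueError("bad handshake length")
    if msg[0] != expected_type:
        raise ValueError("unexpected handshake type %d" % msg[0])
    return msg[4:]

def build_server_key_exchange(p, g, ys, signature=b""):
    return _handshake(SERVER_KEY_EXCHANGE, _opaque16(p) + _opaque16(g) + _opaque16(ys) + signature)
def parse_server_key_exchange(msg):
    # Returns (p, g, Ys, trailing); trailing holds the signature for DHE_RSA / DHE_DSS
    body = _body(msg, SERVER_KEY_EXCHANGE)
    p, off = _read_opaque16(body, 0)
    g, off = _read_opaque16(body, off)
    ys, off = _read_opaque16(body, off)
    if not 1 < ys < p - 1:   # a degenerate public value would force a trivial shared secret
        raise ValueError("out-of-range dh_Ys")
    return p, g, ys, body[off:]

def build_client_key_exchange(yc):
    return _handshake(CLIENT_KEY_EXCHANGE, _opaque16(yc))
def parse_client_key_exchange(msg, p):
    body = _body(msg, CLIENT_KEY_EXCHANGE)
    yc, off = _read_opaque16(body, 0)
    if off != len(body) or not 1 < yc < p - 1:
        raise ValueError("malformed ClientKeyExchange or out-of-range dh_Yc")
    return yc

def demo_exchange():
    # Constructed toy group (31-bit prime) and private exponents; real groups are >= 2048 bits
    p, g, xs, xc = 2147483647, 5, 123456789, 987654321
    p2, g2, ys, _sig = parse_server_key_exchange(build_server_key_exchange(p, g, pow(g, xs, p)))
    yc = parse_client_key_exchange(build_client_key_exchange(pow(g2, xc, p2)), p)
    return pow(ys, xc, p), pow(yc, xs, p)   # server-side and client-side pre-master secret
```

The parsers only handle the DH parameter block; for DHE_RSA the trailing bytes returned by parse_server_key_exchange still have to be verified as the signature over client_random, server_random and the params before the values are trusted.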


CVE-2013-6450 and 0.9.8-line

2014-01-16 Thread no_spam_98
It is my understanding that 0.9.8y contains the DTLS retransmission flaw 
described in CVE-2013-6450.

I thought I read somewhere that OpenSSL.org is working on a 0.9.8za release to 
address this issue (and other bug fixes).

Is that correct?  If so, what is the release schedule?

Thanks.



Cross compiling 1.2.2 for the Analog Devices Blackfin

2014-01-16 Thread mikec
Hi folks,

Similar to an email just sent, I'm trying to cross compile (except for an
Analog Devices Blackfin, uclinux based, little-endian).

We're stuck with openssl 0.9.8, so I'm trying to build openssl-fips-1.2.2.

Here are the steps being executed for openssl-fips-1.2.2:

(set -e ; \
export MACHINE=generic32 ; \
export RELEASE=2.6.34 ; \
export SYSTEM=Linux ; \
export HOSTCC=gcc ; \
export INSTALL_PREFIX=$(STAGEDIR) ; \
export FIPS_SIG=$(ROOTDIR)/lib/openssl-fips/incore; \
export CROSS_COMPILE="bfin-linux-uclibc-"; \
./config fipscanisterbuild no-asm ; \
make -j1 ; \
make -j1  install )

FIPS_SIG is pointing to the incore script downloaded from
https://www.openssl.org/docs/fips/incore.gz.

The Makefile terminates with:

./libcrypto.so.0.9.8: Not a FIPS executable

By setting DEBUG=1 in the incore script, I see:
FIPS_rodata_end=
FIPS_rodata_start=
FIPS_signature=
FIPS_text_end=
FIPS_text_start=
FINGERPRINT_ascii_value=
DOTrodata=000CFF64
DOTrodata_OFF=000CFF64
DOTtext=0003CAB8
DOTtext_OFF=0003CAB8

Should openssl-fips be building libcrypto and libssl?  I thought those would
be built in step 2 from the openssl-0.9.8 source.

These are created successfully:
lib/openssl-fips/openssl-fips-1.2.2/fips/fipscanister.o.sha1
lib/openssl-fips/openssl-fips-1.2.2/fips/fipscanister.o


I feel like I'm missing something obvious, but I can't seem to find what I'm
missing.





Re: CVE-2013-6450 and 0.9.8-line

2014-01-16 Thread Dr. Stephen Henson
On Thu, Jan 16, 2014, no_spam...@yahoo.com wrote:

> It is my understanding that 0.9.8y contains the DTLS retransmission flaw
> described in CVE-2013-6450.
> 

It contains the flaw but it is not a DoS issue in 0.9.8.

It's not a trivial fix for 0.9.8 because the DTLS record handling changed in
1.0.0.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


Re: Cross compiling 1.2.2 for the Analog Devices Blackfin

2014-01-16 Thread mikec
OK, for some reason, our objects start with _:

_FINGERPRINT_ascii_value=000D5B7C
_FIPS_rodata_start=000CFF64
_FIPS_text_start=0003CCF0
_FIPS_rodata_end=000D5238
_FIPS_text_end=000622A8
_FIPS_signature=00107D30

I added sed -e 's/^_//g' to the objdump line and I'm now getting:

TARGET: elf32-bfinfdpic
FIPS_rodata_end=000D5238
FIPS_rodata_start=000CFF64
FIPS_signature=00107D30
FIPS_text_end=000622A8
FIPS_text_start=0003CCF0
FINGERPRINT_ascii_value=000D5B7C
DOTrodata=000CFF64
DOTrodata_OFF=000CFF64
DOTtext=0003CAB8
DOTtext_OFF=0003CAB8
TSTART 568
TLEN 153016
TOFF 249076
INCORE_ADJUST 4
RSTART 0
RLEN 21204
ROFF 851812
FSTART 23576
FLEN 40
FOFF 875388
embedded: 
?have to make sure this string is unique
calculated: 
bfin-linux-uclibc-gcc: b2c32cb9f8f9fe63b2eafb1cea7e8022574d12d0": No such
file or directory
: warning: missing terminating " character
fips/../fips/fips_premain.c:71: error: missing terminating " character
fips/../fips/fips_premain.c:71: error: expected expression before ‘;’
token
fips/../fips/fips_premain.c: In function ‘FINGERPRINT_premain’:
fips/../fips/fips_premain.c:92: warning: implicit declaration of function
‘FIPS_text_start’
fips/../fips/fips_premain.c:92: warning: comparison between pointer and
integer


Re: CVE-2013-6450 and 0.9.8-line

2014-01-16 Thread no_spam_98
Oh, okay.  Thank you for that tidbit.

If not a DoS, how does the issue manifest itself in 0.9.8 if an adversary 
uses/attempts to use the flaw?

Thanks. 



- Original Message -
> From: Dr. Stephen Henson 
> To: openssl-users@openssl.org
> Cc: 
> Sent: Thursday, January 16, 2014 12:22 PM
> Subject: Re: CVE-2013-6450 and 0.9.8-line
> 
> On Thu, Jan 16, 2014, no_spam...@yahoo.com wrote:
> 
> 
>>  It is my understanding that 0.9.8y contains the DTLS retransmission flaw
>>  described in CVE-2013-6450.
>> 
> 
> It contains the flaw but it is not a DoS issue in 0.9.8.
> 
> It's not a trivial fix for 0.9.8 because the DTLS record handling changed in
> 1.0.0.
> 
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org


SSL Handshake difference between 0.9.8g v/s 1.0.0e

2014-01-16 Thread Rohit Bansal
Hi,

I am migrating my application from 0.9.8g to 1.0.1e and using an external
session cache for ssl session renegotiation.

I notice a slight performance degradation when running 1.0.1e.

When I debug using ssldump, here is what I observe:
*0.9.8g*

New TCP connection #6: localhost.localdomain(59162) <->
localhost.localdomain(12346)
6 1  0. (0.)  C>SV3.1(81)  Handshake
  ClientHello
Version 3.1
random[32]=
  52 d8 8a 50 53 9a 04 32 dc 38 89 93 b1 ea b2 bb
  50 71 08 a4 02 44 6f 8e 12 fc cb 75 0a 64 cc b0
resume [32]=
  cf b7 4b 45 69 a1 72 7d cc 0f 0d 84 9d e7 c2 3d
  c0 e3 d8 70 06 80 02 71 71 16 9a bf da 99 2a 2d
cipher suites
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
compression methods
  NULL
6 2  0.0011 (0.0010)  S>CV3.1(74)  Handshake
  ServerHello
Version 3.1
random[32]=
  52 d8 8a 50 22 5b 5c db 99 15 8f 57 3a 9c 3b 9d
  c3 bd 9b 9b a8 3f 7d 66 a3 fd a1 4e 2f 2e 3c a6
session_id[32]=
  cf b7 4b 45 69 a1 72 7d cc 0f 0d 84 9d e7 c2 3d
  c0 e3 d8 70 06 80 02 71 71 16 9a bf da 99 2a 2d
cipherSuite TLS_RSA_WITH_AES_256_CBC_SHA
compressionMethod   NULL
6 3  0.0011 (0.)  S>CV3.1(1)  ChangeCipherSpec
6 4  0.0011 (0.)  S>CV3.1(40)  Handshake
6 5  0.0013 (0.0001)  C>SV3.1(1)  ChangeCipherSpec
6 6  0.0013 (0.)  C>SV3.1(40)  Handshake
6 7  0.0014 (0.0001)  C>SV3.1(24)  application_data
6 8  0.0014 (0.)  C>SV3.1(960)  application_data
6 9  0.0045 (0.0031)  S>CV3.1(24)  application_data
6 10 0.0045 (0.)  S>CV3.1(640)  application_data
6 11 0.0062 (0.0016)  C>SV3.1(24)  Alert
6 12 0.0063 (0.)  S>CV3.1(24)  Alert
60.0064 (0.0001)  C>S  TCP RST


*1.0.1e*
New TCP connection #7: localhost.localdomain(59171) <->
localhost.localdomain(12346)
7 1  0. (0.)  C>SV3.1(94)  Handshake
  ClientHello
Version 3.1
random[32]=
  52 d8 8a a9 cf 2d eb 75 51 44 f8 3e 6a 55 03 4f
  5d a8 99 3e 4e ca 14 da a8 ea a0 8e 3c f0 45 48
resume [32]=
  cf b7 4b 45 69 a1 72 7d cc 0f 0d 84 9d e7 c2 3d
  c0 e3 d8 70 06 80 02 71 71 16 9a bf da 99 2a 2d
cipher suites
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Unknown value 0xff
compression methods
  NULL
7 2  0.0017 (0.0016)  S>CV3.1(90)  Handshake
  ServerHello
Version 3.1
random[32]=
  52 d8 8a a9 b1 12 c9 db cc 61 cf fb e5 34 b5 4b
  c3 54 2a f7 19 9b b9 03 e8 65 36 70 c0 a0 fc 66
session_id[32]=
  cf b7 4b 45 69 a1 72 7d cc 0f 0d 84 9d e7 c2 3d
  c0 e3 d8 70 06 80 02 71 71 16 9a bf da 99 2a 2d
cipherSuite TLS_RSA_WITH_AES_256_CBC_SHA
compressionMethod   NULL
*7 3  0.0017 (0.)  S>CV3.1(1178)  Handshake*
*  TLS_RSA_WITH_RC4_128_MD5*
7 4  0.0017 (0.)  S>CV3.1(1)  ChangeCipherSpec
7 5  0.0017 (0.)  S>CV3.1(40)  Handshake
7 6  0.0019 (0.0002)  C>SV3.1(1)  ChangeCipherSpec
7 7  0.0019 (0.)  C>SV3.1(40)  Handshake
7 8  0.0021 (0.0001)  C>SV3.1(24)  application_data
7 9  0.0021 (0.)  C>SV3.1(960)  application_data
7 10 0.0052 (0.0030)  S>CV3.1(24)  application_data
7 11 0.0052 (0.)  S>CV3.1(640)  application_data
7 12 0.0069 (0.0017)  C>SV3.1(24)  Alert
7 13 0.0070 (0.)  S>CV3.1(24)  Alert
70.0071 (0.)  C>S  TCP RST


I am wondering why ssldump is printing an extra handshake message with the
cipher which I have not enabled in my code. Any pointers on what could be
going on here?

-- 
Rohit Bansal